<?php
	require_once('includes.php');
	include_once('check_login_function.php');

	//This function is used in for updating profile used edit.php
	
	//Update the profile
	if (isset($_POST['update'])) {
		//Check if first name is empty
		if (strlen($_POST['firstname']) === 0) {
			$error[] = 'ERROR_FIRSTNAME_REQUIRED';
		} else {
			$user->setFirstname($_POST['firstname']);
		}
		
		//Check if last name is empty
		if (strlen($_POST['lastname']) === 0) {
			$error[] = 'ERROR_LASTNAME_REQUIRED';
		} else {
			$user->setLastname($_POST['lastname']);
		}
		
		$user->setGender($_POST['gender']);
		
		//Concat all fields of address
		$user_address = $_POST['address1'] . '|' . $_POST['address2'] . 
				'|' . $_POST['city'] . '|' . $_POST['state'] . '|' . $_POST['country'] . '|' . $_POST['postal'];
		$user->setAddress($user_address);
		$user->setContact($_POST['contact']);
		
		//Slash for American format (m/d/y), dashes/dots for European format (d-m-y)
		$user->setDoB($_POST['day'] . "-" . $_POST['month'] . "-" . $_POST['year']); 
		
		$user_role = $user->getRole();
		
		//User is person
		if ($user_role === 'patient') {
			$user->setBloodtype($_POST['bloodtype']);
			$user->setAllergy($_POST['allergy']);
		}
		
		//Count the number of error
		if (count($error) === 0) {
			$user->update();
			$message[] = "MSG_PROFILE_UPDATED";
			$_SESSION['message'] = $message;
		} else {
			$_SESSION['message'] = $error;
		}
	
		header('Location: ' . DIR . '/edit.php');
	}
	
	//Add Hospital
	if (isset($_POST['addHospital'])) {
		if (intval($_POST['hospital']) === 0) {
			$hospital_name = $_POST['hospitalName'];
			$hospital_address = $_POST['hospitalAddress'];
			$hospital_contact = $_POST['hospitalContact'];
			//Check hospital name is not empty
			if (strlen($hospital_name) !== 0) {
				//Check if the hospital name exists
				if (Hospital::findID($hospital_name) !== 0) {
					$hospital_id = Hospital::findID($hospital_name);
				} else {
					$hospital = new Hospital($hospital_name, $hospital_address, $hospital_contact);
					$hospital_id = $hospital->insert();
				}
			} else {
				$hospital_id = 0;
			}
		} else {
			$hospital_id = $_POST['hospital'];
		}
		
		//Check if hospital exists
		if ($hospital_id !== 0) {
			$user->attachToHospital($hospital_id);
		}
		
		header('Location: ' . DIR . '/edit.php');
	}

	//Remove Hospital
	if (isset($_POST['unattachHospital'])) {
		$hospital_id = intval($_POST['hospitalID']);
		
		$user->unattachFromHospital($hospital_id);
		if (isset($_POST['from']) && $_POST['from'] === 'edit.php') {
			header('Location: ' . DIR . '/edit.php');
		} else {
			header('Location: ' . DIR . '/admin.php');
		}
	}
	
	//Change Password
	if (isset($_POST['changePassword'])) {
		$old_password = $_POST['passwordOld'];
		$new_password1 = $_POST['password1'];
		$new_password2 = $_POST['password2'];
		
		$user_username = $user->getUsername();
		$user_id = $user->getUserID();
		
		//Compare username and password to user
		if (User::compare($user_username, $old_password) === $user_id) {
			//Check if the password is the same as the retype
			if ($new_password1 === $new_password2) {
				//Check for the length of the password
				if (strlen($new_password1) >= 8) {
					//Update password
					$user->updatePassword($new_password1);
					$message[] = "MSG_PASSWORD_CHANGED";
				} else {
					$message[] = "ERROR_PASSWORD_SHORT";
				}
			} else {
				$message[] = "ERROR_PASSWORD_DIFFERENT";
			}
		} else {
			$message[] = "ERROR_PASSWORD_INCORRECT";
		}
		$_SESSION['message'] = $message;
		header('Location: ' . DIR . '/edit.php');
	}	
	
	//Change e-mail
	if (isset($_POST['changeEmail'])) {
		$new_email = $_POST['email'];
		//check if the new e-mail is empty
		if (strlen($new_email) !== 0) {
			//Check if the new e-mail exists
			if (!User::checkEmail($new_email)) {
				$user->requestEmailChange($new_email);
				$message[] = "MSG_EMAIL_CHANGE_REQUESTED";					
			} else {
				$message[] = 'ERROR_EMAIL_TAKEN';
			}	
		} else {
			$message[] = 'ERROR_EMAIL_REQUIRED';
		}
		
		$_SESSION['message'] = $message; 
		header('Location: ' . DIR . '/edit.php');
	}	

	//Remove change e-mail
	if (isset($_POST['removeChangeEmail'])) {
		$user->removeRequestEmailChange();
		$message[] = 'MSG_EMAIL_CHANGE_REMOVED';
		$_SESSION['message'] = $message; 
		header('Location: ' . DIR . '/edit.php');
	}		
	
?>